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Abstract 

We show that lambda calculus is a computation model which can 
step by step simulate any sequential deterministic algorithm for any 
computable function over integers or words or any datatype. More 
formally, given an algorithm above a family of computable functions 
(taken as primitive tools, i.e., kind of oracle functions for the algo- 
rithm), for every constant K big enough, each computation step of 
the algorithm can be simulated by exactly K successive reductions in 
a natural extension of lambda calculus with constants for functions in 
the above considered family. 

The proof is based on a fixed point technique in lambda calculus and 
on Gurevich sequential Thesis which allows to identify sequential de- 
terministic algorithms with Abstract State Machines. 
This extends to algorithms for partial computable functions in such a 
way that finite computations ending with exceptions are associated to 
finite reductions leading to terms with a particular very simple feature. 
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mantics 

1 Introduction 

1.1 Operational versus Denotational Completeness 

Since the pioneering work of Church and Kleene, going back to 1935, many 
computation models have been shown to compute the same class of func- 
tions, namely, using Turing Thesis, the class of all computable functions. 
Such classes are said to be Turing complete or denotationally algorithmically 
complete. 

This is a result about crude input /output behaviour. What about the 
ways to go from the input to the output, i.e., the executions of algorithms 
in each of these computation models? Do they constitute the same class? 
Is there a Thesis for algorithms analog to Turing Thesis for computable 
functions? 

As can be expected, denotational completeness does not imply opera- 
tional completeness. Clearly, the operational power of machines using mas- 
sive parallelism cannot be matched by sequential machines. For instance, 
on networks of cellular automata, integer multiplication can be done in real 
time (cf. Atrubin, 1962 |pQ, see also Knuth, [21] p. 394-399), whereas on Tur- 
ing machines, an f2(n/logn) time lower bound is known. Keeping within 
sequential computation models, multitape Turing machines have greater op- 
erational power than one-tape Turing machines. Again, this is shown using 
a complexity argument: palindromes recognition can be done in linear time 
on two-tapes Turing machines, whereas it requires computation time 0(n 2 ) 
on one-tape Turing machines (Hennie, 1965 [18], see also [5], 124]). 

Though resource complexity theory may disprove operational algorithmic 
completeness, there was no formalization of a notion of operational complete- 
ness since the notion of algorithm itself had no formal mathematical mod- 
elization. Tackled by Kolmogorov in the 50's [20], the question for sequential 
algorithms has been answered by Gurevich in the 80's [TTJ[T2j[T3] (see [6] for a 
comprehensive survey of the question), with their formalization as " evolving 
algebras" (now called "abstract state machines" or ASMs) which has lead to 
Gurevich's sequential Thesis. 

Essentially, an ASM can be viewed as a first order multi-sorted structure 
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and a program which modifies some of its predicates and functions (called 
dynamic items). Such dynamic items capture the moving environment of 
a procedural program. The run of an ASM is the sequence of structures 
- also called states - obtained by iterated application of the program. The 
program itself includes two usual ingredients of procedural languages, namely 
affectation and the conditional "if. . . then. . . else. . . " , plus a notion of parallel 
block of instructions. This last notion is a key idea which is somehow a 
programming counterpart to the mathematical notion of system of equations. 

Gurevich's sequential Thesis [121 EE EZ] asserts that ASMs capture the 
notion of sequential algorithm. Admitting this Thesis, the question of oper- 
ational completeness for a sequential procedural computation model is now 
the comparison of its operational power with that of ASMs. 

1.2 Lambda Calculus and Operational Completeness 

In this paper we consider lambda calculus, a subject created by Church 
and Kleene in the 30's, which enjoys a very rich mathematical theory. It 
may seem a priori strange to look for operational completeness with such a 
computation model so close to an assembly language (cf. Krivine's papers 
since 1994, e.g., [22]). It turns out that, looking at reductions by groups 
(with an appropriate but constant length), and allowing one step reduction 
of primitive operations, lambda calculus simulates ASMs in a very tight way. 
Formally, our translation of ASMs in lambda calculus is as follows. Given 
an ASM, we prove that, for every integer K big enough (the least such 
K depending on the ASM), there exists a lambda term 9 with the following 
property. Let a\, . . . , a* be the values (coded as lambda terms) of all dynamic 
items of the ASM at step t, if the run does not stop at step t then 

K reductions 

9a\...al ^~ "~^> 9a\ +1 ...a t + 1 . 

If the run stops at step t then the left term reduces to a term in normal form 
which gives the list of outputs if they are defined. Thus, representing the 
state of the ASM at time t by the term 9a\ . . . a* , a group of K successive 
reductions gives the state at time t+1. In other words, K reductions faithfully 
simulate one step of the ASM run. Moreover, this group of reductions is that 
obtained by the leftmost redex reduction strategy, hence it is a deterministic 
process. Thus, lambda calculus is operationally complete for deterministic 
sequential computation. 



4 



Let us just mention that adding to lambda calculus one step reduction of 
primitive operations is not an unfair trick. Every algorithm has to be "above" 
some basic operations which are kind of oracles: the algorithm decomposes 
the computation in elementary steps which are considered as atomic steps 
though they obviously themselves require some work. In fact, such basic 
operations can be quite complex: when dealing with integer matrix product 
(as in Strassen's algorithm in time O(n log7 )), one considers integer addition 
and multiplication as basic... Building algorithms on such basic operations 
is indeed what ASMs do with the so-called static items, cf. §2.3[ Point 2. 

The proof of our results uses Curry's fixed point technique in lambda 
calculus plus some padding arguments. 

1.3 Road Map 

This paper deals with two subjects which have so far not been much related: 
ASMs and lambda calculus. To make the paper readable to both ASM 
and lambda calculus communities, the next two sections recall all needed 
prerequisites in these two domains (so that most readers may skip one of 
these two sections). 

What is needed about ASMs is essentially their definition, but it cannot 
be given without a lot of preliminary notions and intuitions. Our presentation 
of ASMs in §0 differs in inessential ways from Gurevich's one (cf. [T3J HS1 
[TTldn]). Crucial in the subject (and for this paper) is Gurevich's sequential 
Thesis that we state in §2.21 We rely on the literature for the many arguments 
supporting this Thesis. 

§|3] recalls the basics of lambda calculus, including the representation of 
lists and integers and Curry fixed point combinator. 

The first main theorem in §5 .31 deals with the simulation in lambda calcu- 
lus of sequential algorithms associated to ASMs in which all dynamic symbols 
are constant ones (we call them type ASMs). The second main theorem in 
§5.41 deals with the general case. 
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Euclid's algorithm in Pascal 



while b > do begin 



Euclid's algorithm in ASM 



z := a: 



a := b; 

b := rem (z, b); 
end; 



if < b then 



a := b 

b := rem (a, b) 



gcd := a. 



(In both programs, a, b are inputs and a is the output) 



Figure 1: Pascal and ASM programs for Euclid's algorithm 



2 ASMs 

2.1 The Why and How of ASMs on a Simple Example 



Euclid's Algorithm Consider Euclid's algorithm to compute the greatest 
common divisor (gcd) of two natural numbers. It turns out that such a simple 
algorithm already allows to pinpoint an operational incompleteness in usual 
programming languages. Denoting by rem(u,v) the remainder of u modulo 
v, this algorithm can be described as followsj 



Observe that the the pair replacement in the above while loop involves some 
elementary parallelism which is the algorithmic counterpart to co-arity, i.e., 
the consideration of functions with range in multidimensional spaces such as 
the N 2 —¥ N 2 function (x,y) h-> (y,rem(x,y)). 

Euclid's Algorithm in Pascal In usual programming languages, the 
above simultaneous replacement is impossible: affectations are not done in 
parallel but sequentially. For instance, no Pascal program implements it as 
it is, one can only get a distorted version with an extra algorithmic contents 
involving a new variable z, cf. Figure [TJ 

1 Sometimes, one starts with a conditional swap: if a < b then a, b are exchanged. But 
this is done in the first round of the while loop. 



Given data: two natural numbers a, b 

While b 7^ replace the pair (a, b) by (b, rem(a, b)) 

When 6 = halt: a is the wanted gcd 
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An ASM for Euclid's Algorithm Euclid's algorithm has a faithful for- 
malization using an ASM. The vertical bar on the left in the ASM program 
(cf. Figure [I]) tells that the two updates are done simultaneously and in- 
dependently. Initialization gives symbols a, b the integer values of which we 
want to compute the gcd. The semantical part of the ASM involves the 
set N of integers to interpret all symbols. Symbols 0,<,=,rem have fixed 
interpretations in integers which are the expected ones. Symbols a, b have 
varying interpretations in the integers. The sequence of values taken by a, b 
constitutes the run of the ASM. 

When the instruction gets void (i.e., when b is null) the run stops and the 
value of the symbol a is considered to be the output. 

2.2 Gurevich Sequential Thesis 

Yuri Gurevich has gathered as three Sequential Postulates (cf. [TO [10]) some 
key features of deterministic sequential algorithms for partial computable 
functions (or type 1 functionals). 

I (Sequential time). An algorithm is a deterministic state-transition sys- 
tem. Its transitions are partial functions. 

Non deterministic transitions and even nonprocedural input/output 
specifications are thereby excluded from consideration. 

II (Abstract states). States are multitructures^l, sharing the same fixed, 
finite vocabulary. States and initial states are closed under isomor- 
phism. Transitions preserve the domain, and transitions and isomor- 
phisms commute. 

Ill (Bounded exploration). Transitions are determined by a fixed finite 
"glossary" of "critical" terms. That is, there exists some finite set of 
(variable-free) terms over the vocabulary of the states such that states 
that agree on the values of these glossary terms also agree on all next- 
step state changes. 

Gurevich, 2000 [17], stated an operational counterpart to Church's Thesis 
: Thesis. [Gurevich's sequential Thesis] Every sequential algorithm satisfies 
the Sequential Postulates I-III. 

2 In ASM theory, an ASM is, in fact, a multialgebra (cf. point 1 of Remark £|2.1[) . 
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2.3 The ASM Modelization Approach 



Gurevich's postulates lead to the following modelization approach (we depart 
in non essential ways from [10], see Remark 12. ip . 

1. The base sets. Find out the underlying families of objects involved 
in the given algorithm, i.e., objects which can be values for inputs, 
outputs or environmental parameters used during the execution of the 
algorithm. These families constitute the base sets of the ASM. In Eu- 
clid's algorithm, a natural base set is the set N of natural integers. 

2. Static items. Find out which particular fixed objects in the base sets 
are considered and which functions and predicates over/between the 
base sets are viewed as atomic in the algorithm, i.e., are not given any 
modus operandi. Such objects, functions and predicates are called the 
primitive or static items of the ASM. They do not change value through 
transitions. In Euclid's algorithm, static items are the integer 0, the 
rem function and the < predicate. 

3. Dynamic items. Find out the diverse objects, functions and predicates 
over the base sets of the ASM which vary through transitions. Such 
objects, functions and predicates are called the dynamic items of the 
ASM. In Euclid's algorithm, these are a, b. 

4. States: from a multi-sorted partial structure to a multi-sorted partial 
algebra. Collecting all the above objects, functions and predicates leads 
to a first-order multi-sorted structure of some logical typed language: 
any function goes from some product of sorts into some sort, any pred- 
icate is a relation over some sorts. However, there is a difference with 
the usual logical notion of multi-sorted structure: predicates and func- 
tions may be partial. A feature which is quite natural for any theory 
of computability, a fortiori for any theory of algorithms. 

To such a multi-sorted structure one can associate a multi-sorted alge- 
bra as follows. First, if not already there, add a sort for Booleans. Then 
replace predicates by their characteristic functions In this way, we get a 
multi-sorted structure with partial functions only, i.e. a multialgebra. 

5. Programs. Finally, the execution of the algorithm can be viewed as 
a sequence of states. Going from one state to the next one amounts 
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to applying to the state a particular program - called the ASM pro- 
gram - which modifies the interpretations of the sole dynamic symbols 
(but the universe itself and the interpretations of the static items re- 
main unchanged). Thus, the execution of the algorithm appears as an 
iterated application of the ASM program. It is called the run of the 
ASM. 

Using the three above postulates, Gurevich [IBJ E] proves that quite el- 
ementary instructions - namely blocks of parallel conditional updates - 
suffice to get ASM programs able to simulate step by step any deter- 
ministic procedural algorithm. 

6. Inputs, initialization map and initial state. Inputs correspond to the 
values of some distinguished static symbols in the initial state, i.e., we 
consider that all inputs are given when the algorithm starts (though 
questionable in general, this assumption is reasonable when dealing 
with algorithms to compute a function). All input symbols have arity 
zero for algorithms computing functions. Input symbols with non zero 
arity are used when dealing with algorithms for type 1 functionals. 
The initialization map associates to each dynamic symbol a term built 
up with static symbols. In an initial state, the value of a dynamic 
symbol is required to be that of the associated term given by the ini- 
tialization map. 

7. Final states and outputs. There may be several outputs, for instance if 
the algorithm computes a function N k — > N e with I > 2. 

A state is final when, applying the ASM program to that state, 

(a) either the Halt instruction is executed (Explicit halting), 

(b) or no update is made (i.e. all conditions in conditional blocks of 
updates get value False) (Implicit halting) . 

In that case, the run stops and the outputs correspond to the values 
of some distinguished dynamic symbols. For algorithms computing 
functions, all output symbols are constants (i.e. function symbols with 
arity zero). 

8. Exceptions. There may be a finite run of the ASM ending in a non final 
state. This corresponds to exceptions in programming (for instance a 
division by 0) and there is no output in such cases. This happens when 
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(a) either the Fail instruction is executed (Explicit failing), 

(b) or there is a clash between two updates which are to be done 
simultaneously (Implicit failing). 

Remark 2.1. Let us describe how our presentation of ASMs (slightly) departs 
from [10] . 

1. We stick to what Gurevich says in §.2.1 of jH] (Lipari Guide, 1993): "Ac- 
tually, we are interested in multi-sorted structures with partial operations". 
Thus, we do not regroup sorts into a single universe and do not extend func- 
tions with the undef element. 

2. We add the notion of initialization map which brings a syntactical coun- 
terpart to the semantical notion of initial state. It also rules out any question 
about the status of initial values of dynamic items which would not be in- 
puts. 

3. We add explicit acceptance and rejection as specific instructions in ASM 
programs. Of course, they can be simulated using the other ASM instruc- 
tions (so, they are syntactic sugar) but it may be convenient to be able to 
explicitly tell there is a failure when something like a division by zero is to 
be done. This is what is done in many programming languages with the so- 
called exceptions. Observe that Fail has some common flavor with undef. 
However, Fail is relative to executions of programs whereas undef is relative 
to the universe on which the program is executed. 

4. As mentioned in §2.1[ considering several outputs goes along with the idea 
of parallel updates. 

2.4 Vocabulary and States of an ASM 

ASM vocabularies and ASM states correspond to algebraic signatures and 
algebras. The sole difference is that an ASM vocabulary comes with an extra 
classification of its symbols as static, dynamic, input and output carrying the 
intuitions described in points 2, 3, 6, 7 of §2.31 

Definition 2.2. 1. An ASM vocabulary is a finite family of sorts s\, . . . ,s m 
and a finite family C of function symbols with specified types of the form 
or Sj x x • • • x Si k — > Si (function symbols with type Sj are also called constants 
of type Si). Four subfamilies of symbols are distinguished: 



C sta (static symbols) 
£dyn (&y nam i c symbols) 



X (input symbols) 
O (output symbols) 
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such that C sta , C dyn is a partition of C and X C C sta and O C £^ n . We 
a/so require that there is a sort to represent Booleans and that C sta contains 
symbols to represent the Boolean items (namely symbols True, False, A, 
V) and, for each sort s, a symbol = s to represent equality on sort s. 

2. Let C be an ASM vocabulary with n sorts. An £-state is any n-sort 
multialgebra S for the vocabulary C The multi-domain of S is denoted by 
(Hi, . . . , him) ■ We require that 

i. one of the Ui 's is Bool with the expected interpretations of symbols 
True, False, s A, V, 

ii. the interpretation of the symbol =i is usual equality in the interpretation 
Ui of sort Si. 

In the usual way, using variables typed by the n sorts of C, one constructs 
typed £-terms and their types. The type of a term t is of the form Si or 
Sj 1 x • • • x s ik — > Si where s^, . . . , s ik are the types of the different variables 
occurring in t. Ground terms are those which contain no variable. The 
semantics of typed terms is the usual one. 

Definition 2.3. Let £ be an ASM vocabulary and S an ASM C- state. Lett be 
a typed term with type s^x ■ ■ ■ x — > Sj. We denote by t$ its interpretation 
in S, which is a function U^ x • • • xUi e —> Ui. In case £ = 0, i.e., no variable 
occurs, then t s is an element ofUi. 

It will be convenient to lift the interpretation of a term with i variables 
to be a function with any arity k greater than I. 

Definition 2.4. Let C be an ASM vocabulary and S an ASM C-state with 
universeU . Suppose a : {1, ...,£}—> {1, ... ,p} is any map andr : {1, . . . ,p} — > 
{1, . . . , m} is a distribution of (indexes of) sorts. Suppose t is a typed term of 
type s T ( (7 (i)) x • • • x Sr^)) Si. We let t T f be the function U St{1) x • • • x U Sr(p) ->■ 
Ui such that, for all (oi, • • • ,a p ) G U St(1) x • • • x U St(p) , 

ts a ( a ii " ' j a k) — ^<s(<Mi), • • • , a<r(<o) • 
2.5 Initialization Maps 

£-terms with no variable are used to name particular elements in the universe 
U of an ASM whereas £-terms with variables are used to name particular 
functions over U. 
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Using the lifting process described in Definition I2.4[ one can use terms 
containing less than k variables to name functions with arity k. 

Definition 2.5. 1, Let C be an ASM vocabulary. An ^-initialization map 

£ has domain family £( dyn *> of dynamic symbols and satisfies the following 
condition: 

if a is a dynamic function symbol with type s T n) x ■ ■ • x s T m — > Sj 
then £(a) is a pair (a, t) such that a : {!,...,£} — > {1, . . . , p} 
and t is a typed C-term with type s T (o-(i)) x • • • x s T (o-(f)) — > $i 
which is built with the sole static symbols (with t : {1, . . . ,p} — > 
{l,...,m}j. 

2. Let £ be an C -initialization map. An C-state S is ^-initial if, for any 
dynamic function symbol a, if ^{ct) = {o~,t) then the interpretation of a in S 
is tg . 

3. An C-state is initial if it is ^-initial for some £. 

Remark 2.6. Of course, the values of static symbols are basic ones, they are 
not to be defined from anything else: either they are inputs or they are the 
elementary pieces upon which the ASM algorithm is built. 



2.6 ASM Programs 

Definition 2.7. 1. The vocabulary of ASM programs is the family of symbols 



{Skip , Halt , Fail 



if . . . then . . . else . . .} 



2. (£- updates). Given an ASM vocabulary C, a sequence of k + 1 ground 
typed C-terms t\, . . . ,tk,u (i.e. typed terms with no variable), a dynamic 
function symbol a, if ot{t\, . . . ,tk) is a typed C-term with the same type as u 
then the syntactic object a(ti, . . . ,tfc) ■— u is called an C-update. 

3. (^-programs) . Given an ASM vocabulary C, the C programs are obtained 
via the following clauses. 

i. (Atoms). Skip, Halt, Fail and all C-updates are C-programs. 

ii. (Conditional constructor). Given a ground typed term C with Boolean 
type and two C-programs P, Q, the syntactic object 

if C then P else Q 

is an C-program. 
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Hi. (Parallel block constructor). Given n > 1 and C-programs Pi, . . . , P n , 
the syntactic object (with a vertical bar on the left) 

Pi 

Pn 

is an C-program. 
The intuition of programs is as follows. 

• Skip is the program which does nothing. Halt halts the execution in 
a successful mode and the outputs are the current values of the output 
symbols. Fail also halts the execution but tells that there is a failure, 
so that there is no meaningful output. 

• Updates modify the interpretations of dynamic symbols, they are the 
basic instructions. The left member has to be of the form «(•••) with 
a a dynamic symbol because the interpretations of static symbols do 
not vary. 

• The conditional constructor has the usual meaning whereas the par- 
allel constructor is a new control structure to get simultaneous and 
independent executions of programs Pi, ... , P n . 

2.7 Action of an ^-Program on an £-State 
2.7.1 Active Updates and Clashes 

In a program the sole instructions which have some impact are updates. 
They are able to modify the interpretations of dynamic symbols on the sole 
tuples of values which can be named by tuples of ground terms. Due to 
conditionals, not every update occurring in a program will really be active, 
it does depend on the state to which the program is applied. Which symbols 
on which tuples are really active and what is their action? This is the object 
of the next definition. 

Definition 2.8 (Active updates). Let C be an ASM vocabulary, P an C- 
program and S an C-state. Let Update(P) be the family of all updates occur- 
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ring in P. The subfamily Active (S,P) C Update(P) of so-called (S,P)- 
active updates is defined via the following induction on P : 

Active (S, Skip) = 

Active (S, a(h, . . . , t k ) := u) = {a(h, ...,t k ) := u] 

Active (S,Q) if Cs = True 
Active (S, if C then Q else P) = I Active (5, P) if C s = False 



z/ C s i Bool 



Active (<S, 



Pi 

: ) = Active (5, Pi) U . . . U Active (5, P n ) 

Pn 



The action of a program P on a state S is to be seen as the conjunction 
of updates in Active (S,P) provided these updates are compatible. Else, 
P clashes on S. 

Definition 2.9. An C-program P clashes on an C-state S if there exists two 
active updates a(si,...,Sk) '■— u and a(ti, . . . ,tk) '■= v in Active (S,P) 
relative to the same dynamic symbol a such that s± s = t ls , . . . , s ks = t ks 
but us and vs are not equal (as elements of the universe). 

Remark 2.10. A priori, another case could also be considered as a clash. We 

illustrate it for a parallel block of two programs P, Q and the update of a 

dynamic constant symbol c. Suppose c s ^ u$ and c := u is an active update 

in Active («S, P). Then P wants to modify the value of c s . Suppose also that 

there is no active update with left member c in Active (S, Q). Then Q does 

not want to touch the value of cs- Thus, P and Q have incompatible actions: 

P modifies the interpretation of c whereas Q does nothing about c. One 

P 

could consider this as a clash for the parallel program _ . Nevertheless, 

this case is not considered to be a clash. A moment reflection shows that this 
is a reasonable choice. Otherwise, a parallel block would always clash except 
in case all programs Pi, . . . , P n do exactly the same actions... Which would 
make parallel blocks useless. 



2.7.2 Halt and Fail 

Definition 2.11. Let C be an ASM vocabulary, S be an C-state and P an 
C-program. By induction, we define the two notions: P halts (resp. fails) on 
S. 
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• If P is Skip or an update then P neither halts nor fails on S. 

• If P is Halt (resp. Fail) then P halts and does not fail (resp. fails 
and does not halt) on S . 

• if C then Q else R halts on S if and only if 

either Cs = True and Q halts on S 
or Cs = False and R halts on S 

if C then Q else R fails on S if and only if 

either Cs = True and Q fails on S 
or Cs = False and R fails on S . 

• The parallel block of programs P±, . . . ,P n halts on S if and only if some 
Pi halts on S and no Pj fails on U. 

• The parallel block of programs P ± , . . . ,P n . fails on S if and only if some 
Pi fails on S. 

2.7.3 Successor State 

Definition 2.12. Let C be an ASM vocabulary and S be an £-state. 

The successor state T = Succ(<S, P) of state S relative to an £-program P 

is defined if only if P does not clash nor fail nor halt on S. 

In that case, the successor is inductively defined via the following clauses. 

1. T = Succ(5, P) and S have the same base sets 1A\, . . . ,U n . 

2. OLf = as for any static symbol a. 

3a. Succ( l S, Skip) = S (recall that Skip does nothing. . . .) 

3b. Suppose P is an update program a(t±, ...,£&) :— u where a is a dy- 
namic symbol with type Sj 1 x • • • x s ik — > Sj and a = (ti S , . . . ,tk S ). 
Then all dynamic symbols different from a have the same interpreta- 
tion in S and T and, for every b e x • • • x Ui k , we have a-j-(b) = 

as(b) if b 7^ a 
us iib — a 
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3c. Suppose P is the conditional program if C then Q else R. Then 

Succ(S, P) = Succ(<S, Q) if C s = True 
Succ(<S, P) = Succ(<S, R) if C 5 = False 

(since P does not fail on S, we know that Cs is a Boolean). 

Pi 

3d Suppose P is the parallel block program j and P does not clash 

Pn 

on S. Then T = Succ(iS, P) is such that, for every dynamic symbol 
a with type x ■ ■ ■ x s ik — > Sj and every tuple a = (ai, . . . , a^) in 
x • • ■ x Wj fc , 

• if there exists an update a(t\, . . . , tk) '■— u in Active (S,P) 
such that a = (ti S , . . . ,tks) then a{a)r is the common value of 
all vs for which there exists some update a(si, . . . , Sk) '■= v in 

Active (<S, P) such that a = (si S , . . . , Sj. s ). 

• Else a{a)r = oc(a)s- 

Remark 2.13. In particular, aq-{a) and as(a) have the same value in case a = 
(ai, . . . , a,k) is not the value in S of any fc-tuple of ground terms (ti,...,tk) 
such that Active (S,P) contains an update of the form a(ti, . . . ,tk) '■= u 
for some ground term u. 

2.8 Definition of ASMs and ASM Runs 

At last, we can give the definition of ASMs and ASM runs. 

Definition 2.14. 1. An ASM is a triple (C,P, (£, J~)) (with two morpholog- 
ical components and one semantico-morphological component) such that: 

• C is an ASM vocabulary as in Definition \2.2l 

• P is an C-program as in Definition \2. 1\ 

• £ is an C -initialization map and J is a ^-initial C-state as in Definition 
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An ASM has type if all its dynamic symbols have arity (i.e., they are 
constants) . 

2. The run of an ASM (£, P, (£, J)) is the sequence of states (Si)i £ i indexed 
by a finite or infinite initial segment IofN which is uniquely defined by the 
following conditions: 

• S is J . 

• i + 1 6 / if and only if P does not clash nor fail nor halt on Si and 



• If i + 1 G / then = Succ(5.;, P). 

3. Suppose I is finite and i is the maximum element of I . 

The run is successful if Active (Si,P) is empty or P halts on Si. In that 

case the outputs are the interpretations on Si of the output symbols. 

The run fails if P clashes or fails on Si. In that case the run has no output. 

Remark 2.15. In case Active (Si,P) ^ and P does not clash nor fail nor 
halt on Si and Si = Si + \ (i.e., if the active updates do not modify Si) then 
the run is infinite: Sj = Si for every j > i. 

2.9 Operational Completeness: the ASM Theorem 

Let us now state the fundamental theorem of ASMs. 

Theorem 2.16 (ASM Theorem, 1999 [161 HZ], cf- [Hi]). Every process sat- 
isfying the Sequential Postulates (cf. H2.2\) can be emulated by an ASM with 
the same vocabulary, sets of states and initial states. 

In other words, using Gurevich Sequential Thesis 12.21 every sequential 
algorithm can be step by step emulated by an ASM with the same values 
of all environment parameters. I.e., ASMs are operationally complete as 
concerns sequential algorithms. 

The proof of the ASM Theorem also shows that ASM programs of a 
remarkably simple form are sufficient. 

3 Nevertheless, it is possible that Si and Succ(5i, P) coincide, cf. Remark l2.15l 



Active (Si,P) 7^ (i.e. there is an active 
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Definition 2.17. Let C be an ASM vocabulary. Two ASM C-programs P, Q 
are equivalent if, for every C-initialization map £ and every ^-initial state J , 
the two ASMs (£, P, (£, J)) and (£, Q, (£, J)) have exactly the same runs. 

Theorem 2.18 (Gurevich, 1999 [16J). Every ASM program is equivalent to 
a program which is a parallel block of conditional blocks of updates, halt or 
fail instructions, namely a program of the form: 



if C\ then 



if C n then 



where the 1^ 's are updates or Halt or Fail and the interpretations ofC\,. . . , 
C n in any state are Booleans such that at most one of them is True. 

Proof. For Skip, Halt, Fail consider an empty parallel block. For an update 
or Halt or Fail consider a block of one conditional with a tautological con- 
dition. Simple Boolean conjunctions allow to transform a conditional of two 
programs of the wanted form into the wanted form. The same for parallel 
blocks of such programs. □ 



3 Lambda Calculus 

As much as possible, our notations are taken from Barendregt's book j3] 
(which is a standard reference on A-calculus). 



3.1 Lambda Terms 

Recall that the family A of A-terms of the A-calculus is constructed from an 
infinite family of variables via the following rules: 

1. Any variable is a A-term. 

2. (Abstraction) If x is a variable and M is a A-term then Ax . M is a 
A-term. 
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Decorated rules of reduction 


in A-calculus 




(Id) 


M — > M 




(Xx.M) A ->x 


M[A/x] 


(0) 


(App) 


M ->j M' 


A AT' 




M ->i M' 


(Abs) 


MA M'iV 


MAf MiV' 




(Xx.M) Ax.M' 



Figure 2: Reductions with decorations 



3. (Application) If M, A are A-terms then (M A) is a A-term. 

Free and bound occurrences of a variable in a A-term are defined as in 
logical formulas, considering that abstraction Xx . M bounds x in M. 

One considers A-terms up to a renaming (called a-conversion) of their 
bound variables. In particular, one can always suppose that, within a A- 
term, no variable has both free occurrences and bound occurrences and that 
any two abstractions involve distinct variables. 

To simplify notations, it is usual to remove parentheses in terms, accord- 
ing to the following conventions: 

• applications associate leftwards: in place of (• • • ((Ai A 2 ) A 3 ) • • • N k ) 
we write Ai A 2 A 3 • • • N k , 

• abstractions associate rightwards: Xxi . (Xx 2 . (• • • . (Xx k .M) ■ ■ ■)) is 
written Xx\ • ■ • x k ■ M. 

3.2 ^-Reduction 

Note 3.1. Symbols := are used for updates in ASMs and are also commonly 
used in A-calculus to denote by M[x := A] the substitution of all occurrences 
of a variable i in a term M by a term A. To avoid any confusion, we shall 
rather denote such a substitution by M[N/x\. 

The family of A-terms is endowed with a reducibility relation, called j3- 
reduction and denoted by — >. 

Definition 3.2. 1. Let P be a X-term. A subterm of P the form (Xx.M)N 
is called a (3-redex (or simply redex) of P. Going from P to the X-term 
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Q obtained by substituting in P this redex by M[N/x] (i.e., substituting N 
to every free occurrence of x in M) is called a fi-reduction and we write 
P Q . 

2. The iterations — >i of — > and the reflexive and transitive closure -» are 
defined as follows: 

= {(M, M) | M} 
— = — >i o — y (so that — > = 

= {(M , Mi) | 3Afi, . . . , Mi | M M x -)• ► Mj -> M i+1 } 

These reduction relations are conveniently expressed via axioms and rules ( cf. 
Figure 1): the schema of axioms ((3) gives the core transformation whereas 
rules (App) and (Abs) insure that this can be done for subterms. 

Relations — >i are of particular interest to analyse the complexity of the 
simulation of one ASM step in A-calculus. Observe that axioms and rules 
for — > extend to -». 

3.3 Normal Forms 

Definition 3.3. 1. A X-term M is in normal form if it contains no redex. 

2. A X-term M has a normal form if there exists some term N in normal 
form such that M -» N. 

Remark 3.4. There are terms with no normal form. The classical example is 
Q = AA where A = Xx . xx. Indeed, Q is a redex and reduces to itself. 

In a A-term, there can be several subterms which are redexes, so that 
iterating — > reductions is a highly non deterministic process. Nevertheless, 
going to normal form is a functional process. 

Theorem 3.5 ( Church- Rosser j?], 1936). The relation -» is confluent: if 
M -» N' and M -» N" then there exists P such that N' -» P and N" -» P. 
In particular, there exists at most one term N in normal form such that 
M -» N. 

Remark 3.6. Theorem 13.51 deals with -» exclusively: relation — >j is not con- 
fluent for any % > 1. 
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A second fundamental property is that going to normal form can be made 
a deterministic process. 

Definition 3.7. Let R',R" be two occurrences of redexes in a term P. We 
say that R' is left to R" if the first lambda in R' is left to the first lambda 
in R" (all this viewed in P). If terms are seen as labelled ordered trees, this 
means that the top lambda in R' is smaller than that in R" relative to the 
prefix ordering on nodes of the tree P. 

Theorem 3.8 (Curry & Feys [9], 1958). Reducing the leftmost redex of terms 
not in normal form is a deterministic strategy which leads to the normal form 
if there is some. 

In other words, if M has a normal form N then the sequence M = Mq — > 
Mi — > M 2 where each reduction Mi — >■ M i+ i reduces the leftmost redex 

in Mi (if Mi is not in normal form) is necessarily finite and ends with N. 

3.4 Lists in A-Calculus 

We recall the usual representation of lists in A-calculus with special attention 
to decoration (i.e., the number of /3-reductions in sequences of reductions). 

Proposition 3.9. Let (u\, . . . , Uj.) = Xz . zu\ . . . u k and, for % = 1, . . . , k, let 

7if = Xx 1 . . .x k . Xi. Then (u u . . . , u k ) 7if -^ 1+k Ui. 

Moreover, if all Ui's are in normal form then so is (ui, . . . ,u k ) and these 
reductions are deterministic: there exists a unique sequence of reductions 
from (ui, ...,u k ) to u,,. 

3.5 Booleans in A-Calculus 

We recall the usual representation of Booleans in A-calculus. 

Proposition 3.10. Boolean elements True, False and usual Boolean func- 
tions can be represented by the following X-terms, all in normal form: 





neg 


= Xx . 


x r False~ l r True n 


r True n = Xxy.x 
r False n = Xxy.y 


and 
or 

implies 


= Xxy 
= Xxy 
= Xxy 


. xy r False~ l 
. x r True n y 
. xy r True n 




iff 


= Xxy 


• xy( r ^y) 



For a, b e {True, False}, we have neg r a~~ [ — > r ->a~ 1 , and r a n r b~ 1 r afb~ 1 ,. . . . 
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Proposition 3.11 (If Then Else). For all terms M,N, 

(Xz . zMN) r True n ^ 2 M , (Xz . zMN) r False n ^ 2 N . 
We shall use the following version of iterated conditional. 

Proposition 3.12. For every n > 1 there exists a term Case n such that, for 
all normal terms Mi, . . . , M n and all t±, . . . ,t n e { r True n , r False n } ; 



relative to leftmost reduction in case U = r True n and Vj < i tj = r False n . 
Proof. Let u { = yi(Xx i+1 ./)... (Xx n . I), set 

Case n = Ayi . . . y n z x ...z n . z 1 u 1 (z 2 u 2 {. ■ ■ (z n _iu n _i(z n u n i")) . . .)) 
and observe that, for leftmost reduction, letting M[ = •ujMj/yj], 



Case n M l ...M n t l ...t n -> 2ri t^faM^. . . {t^M'^^M'J)) ■ ■ •)) 



3.6 Integers in A-Calculus 

There are several common representations of integers in A-calculus. We shall 
consider a slight variant of the standard one (we choose another term for 
r CP), again with special attention to decoration. 

Proposition 3.13. Let 



Case n M l ...M n t l ...t n ^ 3n M { 



M[ 

+ n -i Mi . 



□ 



r n 



Xz . z r True nr False~ l 
( r False n , r n n ) 



= Xz . z r False~ ir n~ 1 



Zero 
Succ 
Pred 



Xx . x r True n 
Xz . ( r False n , z) 
Xz . rr r False n 



The above terms are all in normal form and 



Zero r O n 
Zero r n + l n 



^3 
->3 



r True n 
r False n 



Succ r n~ 1 — >3 r n + l n 
PrecFn + l n — >3 r n~ [ 

Pred r O n ^ 3 r False n 



Moreover, all these reductions are deterministic. 
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Remark 3.14. The standard definition sets r n = Xx . x. Observe that 
Zero(Xx . x) — >2 r True n . The chosen variant of r n is to get the same deco- 
ration (namely 3) to go from Zero r 0~ [ to r True n and to go from Zero r n + l n 
to r False n . 

Let us recall Kleene's fundamental result. 

Theorem 3.15 (Kleene, 1936). For every partial computable function f : 
N fc — > N there exists a X-term M such that, for every tuple • • • ,rik), 

• M r ni~ [ ■ ■ ■ r n k ~ [ admits a normal form (i.e., is -» reducible to a term 
in normal form) if and only if (m, • • • , nn) ^ s ^ n the domain of f , 

• in that case, M r n{^ ■ ■ ■ r n k ~ 1 -» r f(nx, • • • , n^) -1 (and, by Theorem \3.5[ 
this normal form is unique). 

3.7 Datatypes in A-Calculus 

We just recalled some representations of Booleans and integers in A-calculus. 
In fact, any inductive datatype can also be represented. Using computable 
quotienting, this allows to also represent any datatype used in algorithms. 
Though we will not extend on this topic, let us recall Scott encoding of 
inductive datatypes in the A-calculus (cf. Mogensen |23j). 

1. If the inductive datatype has constructors ipi,...,ip p having 
arities k±, . . . , k p , constructor ipi is represented by the term 

Xxi . . . x ki ai ...a p . OLix-i ...x kl . 

In particular, if ipi is a generator (i.e., an arity constructor) 
then it is represented by the projection term Xai . . . a p . ctj. 

2. An element of the inductive datatype is a composition of the 
constructors and is represented by the similar composition of the 
associated X-terms. 

Extending the notations used for Booleans and integers, we shall also denote 
by r a~~ [ the A-term representing an element a of a datatype. 

Scott's representation of inductive datatypes extends to finite families of 
datatypes defined via mutual inductive definitions. It suffices to endow con- 
structors with types and to restrict compositions in point 2 above to those 
respecting constructor types. 
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3.8 Lambda Calculus with Benign Constants 



We consider an extension of the lambda calculus with constants to represent 
particular computable functions and predicates. Contrary to many A5-calculi 
(Church A5-calculus, 1941 [8j, Statman, 2000 [26J, Ronchi Delia Rocca, 2004 
[23] . Barendregt & Statman, 2005 |4J), this adds no real additional power: 
it essentially allows for shortcuts in sequences of reductions. The reason is 
that axioms in Definition 13.161 do not apply to all terms but only to codes of 
elements in datatypes. 

Definition 3.16. Let ¥ be a family of functions with any arities over some 
datatypes A%, . . . , A n . The A^-calculus is defined as follows: 

• The family of X^-terms is constructed as in Q3.1\ from the family of 
variables augmented with constant symbols: one constant Cf for each 

few. 

• The axioms and rules of the top table of Figure [H o,re augmented with 
the following axioms: if f : A ix x • • • x A ik — > Ai is in ¥ then, for all 
(at, ■ ■ ■ ,a k ) e A h x • • • x A ik , 

(Ax f ) c f r ai n - •• r a fc n -> r /(ai, • • • ,a fe ) n . 

Definition 3.17. 1. We denote by — >p the classical (3-reduction (with the 
contextual rules (Abs), (App)) extended to terms of Ap. 

2. We denote by — >-g the reduction given by the sole (Ax /)- axioms and the 
contextual rules (Abs), (App). 

3. We use double decorations: M —t it j N means that there is a sequence 
consisting of i (3-reductions and j ¥ -reductions which goes from t to u. 

The Church-Rosser property still holds. 

Proposition 3.18. The Ap -calculus is confluent (cf. Theorem \3. 5\) . 

Proof. Theorem 13.51 insures that -»p is confluent. It is immediate to see 
that any two applications of the F axioms can be permuted: this is because 
two distinct F-redexes in a term are always disjoint subterms. Hence is 
confluent. Observe that -» is obtained by iterating finitely many times the 
relation -»p U Using Hindley- Rosen Lemma (cf. Barendregt's book [3], 
Proposition 3.3.5, or Hankin's book [19], Lemma 3.27), to prove that -» is 
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confluent, it suffices to prove that -»p and — > F commute. One easily reduces 
to prove that — >p and — > v commute, i.e., 

3P (M -tp P ^ ¥ N) 3Q (M >-p Q ->p N) . 

Any length two such sequence of reductions involves two redexes in the term 
M: a /3-redex R = (\x . A)B and a F-redex C = c r ai n • • • r dk~ l . There are 
three cases: either R and C are disjoint subterms of M or C is a subterm of 
A or C is a subterm of B. Each of these cases is straightforward. □ 

We adapt the notion of leftmost reduction in the Ap-calculus as follows. 

Definition 3.19. The leftmost reduction in Ap reduces the leftmost W-redex 
if there is some else it reduces the leftmost (3-redex. 

3.9 Good F-Terms 

To functions which can be obtained by composition from functions in F we 
associate canonical terms in Af and datatypes. These canonical terms are 
called good F-terms, they contain no abstraction, only constant symbols Cf, 
with / e F, and variables. 

Problem 3.20. We face a small problem. Functions in F are to represent static 
functions of an ASM. Such functions are typed whereas A F is an untyped 
lambda calculus. In order to respect types when dealing with composition of 
functions in F, the definition of good F-terms is done in two steps: the first 
step involves typed variables and the second one replaces them by untyped 
variables. 

Definition 3.21. 1. Let Ai, . . . , A n be the datatypes involved in functions of 
the family F. Consider typed variables xf* where j G N and i = 1, . . . , n. The 
family of pattern F-terms, their types and semantics are defined as follows: 
Let f e¥ be such that f : A h x • • • x A ik ->■ A q . 

• If x^ 1 , . . . , x^ k are typed variables then the term Cf x^ 1 . . . x^ k is a 

A- Ai 

pattern F-term with type A il x- • -xAj fc — > A q and semantics\cf x^ 1 . . . x- Ifc ] = 
/• 

• For j — 1, . . . , k, let tj be a pattern F-term with datatype Aj or a typed 

A ■ 

variable x i 3 . Suppose the term t — Cf t± ■ ■ -tk contains exactly the typed 
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h x g 




y z z x 

Figure 3: Composition tree 

variables xf* for G I and, for I = 1, . . . , k, the term ti contains 
exactly the typed variables xf 1 for (i,j) G ij C I. 
Then the term Cf t\---tk is a pattern F-term with type Yl ieI Ai — > 
A q and a semantics [c/ ti such that, for every tuple (ai)i e i G 

M(at)iei) = /flfaKaiWJ), • • • «(KWJ)) • 

2. Good F-terms are obtained by substituting in a pattern F-term untyped 
variables to the typed variables so that two distinct typed variables are sub- 
stituted by two distinct untyped variables. 

The semantics of good F-terms is best illustrated by the following exam- 
ple: the function h associated to the term c g (chy)x(c g zzx) is the one given 
by equality f(x, y, z) = g(h(y),x, g(z, z, x)) which corresponds to Figure [3791 

The reason for the above definition is the following simple result about re- 
ductions of good terms obtained via substitutions. It is proved via a straight- 
forward induction on good F-terms and will be used in §4.3[ 14.41 

Proposition 3.22. Let t be a good F-term with k variables yi, . . . , such 
that [£]=/: A^ x • • ■ x Ai k — > A q . Let N be the number of nodes of the tree 
associated to the composition of functions in F giving f (cf. Figure lST^) . 
There exists L t = O(N) such that, for every (at, . . . , o^) G A^ x ■ ■ • x A ik , 

£[ r ai n /yi, . . . , r a k 1 /y k ] ^> ¥ r f(a 1 , a k ) n 

and, using the leftmost reduction strategy, this sequence of reductions consists 
of exactly L t F-reductions. 
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4 Variations on Curry's Fixed Point 

4.1 Curry's Fixed Point 

Let us recall Curry's fixed point. 

Definition 4.1. The Curry operator ip h-> 9 V on \-terms is defined as follows 

9 F = (Arc . F(xx))(\x . F(xx)) . 
Theorem 4.2 (Curry's fixed point). For every \-term F, 9 F — > F9 F . 

Proof. One /3-reduction suffices: 9 F is of the form XX and is itself a redex 
(since X is an abstraction) which /3-reduces to F(XX), i.e., to F9 F . □ 

4.2 Padding Reductions 

We show how to pad leftmost reduction sequences so as to get prescribed 
numbers of (5 and F-reductions. 

Lemma 4.3 (Padding lemma). Suppose that F contains some function u : 
Bi x ■••x 5( -y Bj (with 1 < i < £) and some constants v\ e B\, . . . , 
vi G Bt. 

1. For every K > 2 and L > 0, there exists a \-term pad KL in Af with 
length 0{K + L) such that, for any finite sequence of \-terms 9,t±, . . . ,tk in 
A F which contain no F-redex, 

i. pad KL 9 t x ---t k -» 9 ti---t k . 

ii. The leftmost derivation consists of exactly L ¥ -reductions followed by 
K (3 -reductions. 

2. Moreover, if K > 3 ; one can also suppose that pad K L contains no ¥ -redex. 

Proof. 1. For the sake of simplicity, we suppose that u has arity 1, the general 
case being a straightforward extension. Let I — Xx . x and I — I • • • I (I 
times /). Observe that I e sq - ■ ■ s p -» sq- ■ ■ s p and the leftmost derivation 
consists of exactly £ /3-reductions. So it suffices to set pad K = I K and, for 
L > 1, 

L times 

pad KtL = I K ~ 2 (Xxy . y) (V^. f^iO •••))■ 
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2. To suppress the F-redex r ui nr i , i~ 1 , modify pad KL as follows: 

L times 



pad KtL = I K ' 3 (Xxy . xy) ((Xz . (^u\ . . ( r uP z) . . .))) V) 



□ 



4.3 Constant Cost Updates 

We use Curry's fixed point Theorem and the above padding technique to 
insure constant length reductions for any given update function for tuples. 

Lemma 4.4. Let A±, . . . ,A n be the datatypes involved in functions of the 
family F. Suppose that F contains some function u : B\ x • • • x Bi — > Bi (with 
1 < % < £) and some constants V\ G B\, . . . , G B^. Let r : {1, . . . , k} — > 
{1, . . . , n} be a distribution of indexes of sorts. For j = 1, . . . , k, let ipj be a 
good F-term with variables for i G Ij C {1, . . . , k} such that [<^j] = fj : 
Ylieij A r(i) -»■ A Ti j). 

There exists constants K min and L min such that, for all K > K min and L > 
Lmin, there exists a X-term 9 such that, 

1. Using the leftmost reduction strategy, for all (cti, . . . , a&) G A T u\ x • ■ ■ x 
A T (k), denoting by aj the tuple [a,j)jei, 

6v---v -» r h(s h y--- r f k (a Ik y . (i) 

2. This sequence of reductions consists of K f3 -reductions and L ¥ -reductions. 
Proof. Let K', V be integers to be fixed later on. Set 

F = pad K i u Xaxi . . . x& . aipx ■ ■ - <fk 9 — (Xz . F(zz)) (Xz . F(zz)) . 

Since 9 and the ip^s have no F-redex, we have the following leftmost reduc- 
tion: 



9 r a{^--- r aP -h,o F 9 r ai n ■ ■ • r ap (cf. Theorem E2J 

= pad K , L , (Xaxi ...x k . ay?i ■■■(Pk) 9 r a 1 ~ 1 ■ ■ ■ r a k ~ 1 

->k',l> (Xaxi . . . x k . aifi . . .(f k ) 9 r ai n • • • r a fc n 

(apply Lemma 14.31) 
->fc+i,o 9 v9i[ r ai n /xi, . . . , r a k ~ 1 /x k ] 

■ ■ ■ (fk[ r ai^/^u r ak n /x k ] 
^o,s 9 ^ h{a h r ■ ■ f k {a Ih r 

(apply Proposition I3.22p 
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where S = J2j=i k ^fj ■ The total cost is K' + k + 2 /3-reductions plus V + S 
F-reductions. We conclude by setting K' — K — {k + 2) and V = L — S. □ 

4.4 Constant Cost Conditional Updates 

We refine Lemma [4.41 to conditional updates. 

Lemma 4.5. Let A±, . . . , A n be the datatypes involved in functions of the 
family F. Suppose that F contains some function u> : B\ x • • • x Be — >■ Bi 
(with 1 < i < £) and some constants V\ G B\, vi G Be. Let r : 

{1, . . . , k} — > {1, . . . , n}, Li, . . . , L q G {1, . . . , n} be distributions of indexes of 
sorts. Let (p s )s=i,..., P +q, {Vi,j)i=i,..., P ,j=i,...,k, (le)i=i,..., q be sequences of good 
F-terms with variables with i varying in the respective sets I s ,I it j,Je C 
{1, . . . , k}. Suppose that 

IPs} = r s : U ieIa A T{i) -»■ Bool , 

be} = 9l ■ Ui & J e A r(i) -> 

(m particular, fxj, . . . , / pj - a// tofce values in A T ij\). There exists constants 
K m i n and L min such that, for all K > K min and L > L min , there exists a 
X-term 9 such that, 

1. Using the leftmost reduction strategy, for all (ai, . . . , a&) G A T m X • • • X A t q^ 
and s G {l,...,p,p+l,...,p + q}, 

If r s {a Is ) = True A Vi < s r t (a It ) = False (f) s 

then er fll n...r 0fc n _» J f F ' ' ' r fs,k{ai s<k V if*<P 

\ r ge(a Je r % f s = p + £ 

2. In all cases, this sequence of reductions consists of exactly K (3-reductions 
and L ¥ -reductions. 

Proof. Let K', L' be integers to be fixed at the end of the proof. For i = 
1, . . . ,p and £ = 1, . . . , q, let 

Mi = aifi tl ■ ■ ■ (p itk M p+ e = 7^ . 
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Using the Case n term from Proposition 13. 12\ set 

H = Case p+q M 1 . . . M P M P+1 . . . M p+q 

G = Xax 1 . . .x k . (H p 1 (x 1 . . .x k ) . . ■ p p + q (x 1 . . . x k )) 

F = pad K , L , G 

9 = (Xz . F{zz)) (Xz . F(zz)) 

The following sequence of reductions is leftmost because, as long as pad K , L , 
is not completely reduced, there is no F-redex on its right. 

9 r a 1 n --- r a k ' 1 -» lj0 F 9 r a 1 ~ l ■ ■ ■ r a k ~ 1 (cf. Theorem Q 
(i?x) = pad K , L ,G9 r ai n --- r a k ~ l 

-+k'jj G 9 r ai n • • - r aP 

Let us denote by A" the term A° = A[9/a, r ai n /x,i , . . . , r a k n /x k }. The 
leftmost reduction sequence goes on with /3-reductions as follows: 

, s G 9 r a 1 ~ 1 ■ ■ - r aP = (Xax 1 . . . x k . (H p x . . . p p+q )) 9 r a 1 ~ 1 ■ ■ ■ r a k n 

~ >fc+l,0 n P\ ■ ■ ■ Pp+q 

Now, using Proposition ^. 22[ the following leftmost reductions are F-reductions: 

Ps ^o,l Ps r r s (a Ia) ^ 
Going with our main leftmost reduction sequence, letting 

i=p j=k i=q s=p+q 

i=l j=l £=1 s=l 

and s be as in condition (f) s in the statement of the Lemma, we get 

H° pI ■ ■ ■ Pl +q = Case p+q M? . . . m;m; +1 . . . M° p+q ft... P ; +g 

—>o,n Case p+q 

(o r fi,i(z h ^--- r fiA*h, k ) n ) 

(Rs) (« ^ /p,l(^/,.l)" , ••• ^ /l^*(^)" , ) 

... ( r gq(s Jq y) 

Pi ■ ■ ■ Pp+q 

. j 9 r / s ,i(a /sl ) n ... r / Sifc (a /sfc) n ifs<p 

3(p+<?) '° 1 r gt(a Je D zfs=p + £ 
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Summing up reductions (Ri), (R2), (R3), we see that 

flr^n r„ 1 , M r / s ,i( 5 / M ) n • • • r /s,fc(a/ s , fc ) n if s < p 
1 "' k vX I r 9i(a Je y) ifs = p + £ 

where 77 = 1 + K' + (k + 1) + 3(p + g) and C = + iV. 
To conclude, set K min = k + 5 + 3(p + q) and L min = N. If K > K min and 
L > L min it suffices to set K' = K — (K min — 3) and L' = L — L min and to 
observe that K' > 3 as needed in Lemma [4.31 □ 



5 ASMs and Lambda Calculus 

All along this section, S = (C,P, (£, J)) is some fixed ASM (cf. Definition 
EEU). 

5.1 Datatypes and ASM Base Sets 

The definition of ASM does not put any constraint on the base sets of the 
multialgebra. However, only elements which can be named are of any use, 
i.e. elements which are in the range of compositions of (static or dynamic) 
functions on the ASM at the successive steps of the run. 
The following straightforward result formalizes this observation. 

Proposition 5.1. Let (£, P, (£, J)) be an ASM. Let U\, . . . , U n be the base 
sets interpreting the different sorts of this ASM. For teN, let Af C U\,. . . , 
A$ C U n be the sets of values of all ground good ¥ -terms (i.e. with no 
variable) in the t-th successor state S t of the initial state J of the ASM. 

1. For any t G N, Af D A ( ( +l) , . . . , A$ D A<n +1) . 

2. (Ai, . . . ,An) is a submultialgebra of St, i.e. it is closed under all static 
and dynamic functions of the state S t . 

Thus, the program really works only on the elements of the sets (A^, . . . , A$) 
of the initial state which are datatypes defined via mutual inductive defini- 
tions using £ and J . 
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5.2 Tailoring Lambda Calculus for an ASM 

Let F be the family of interpretations of all static symbols in the initial state. 
The adequate Lambda calculus to encode the ASM is Ap. 
Let us argue that this is not an unfair trick. An algorithm does decompose 
a task in elementary ones. But "elementary" does not mean "trivial" nor 
"atomic" , it just means that we do not detail how they are performed: they 
are like oracles. There is no absolute notion of elementary task. It depends on 
what big task is under investigation. For an algorithm about matrix product, 
multiplication of integers can be seen as elementary. Thus, algorithms go 
with oracles. 

Exactly the same assumption is done with ASMs: static and input functions 
are used for free. 

5.3 Main Theorem for Type ASMs 

We first consider the case of type ASMs. 

Theorem 5.2. Let (£, P, (£, J)) be an ASM with base sets U\, . . . ,U n . Let 
A\,. . . , A n be the datatypes A^\. . . , An^ (cf. Proposition 15. Let ¥ be 
the family of interpretations of all static symbols of the ASM restricted to 
the datatypes A\,. . . , A n . Suppose all dynamic symbols have arity ; i.e. all 
are constants symbols. Suppose these dynamic symbols are rji, and 
r)i, . . . , r)£ are the output symbols. 

Let us denote by e\ the value of the constant rji in the t-th successor state St 
of the initial state J . 

There exists K such that, for every K > K , there exists a X-term 9 in Ap 
such that, for all initial values e°, . . . , e° of the dynamic constants and for all 
t > 1, 

{if the run does not halt 
nor fail nor clash 
for steps < t 

r e° n — > Ks ( r l n , r e* n . . . r e'p) if the run halts at step s < t 
r e < l~ l — >Ks r 2 n if the run fails at step s <t 

r e < l~ l -^Ks r 3 n if the run clashes at step s <t 

Thus, groups of K successive reductions simulate in a simple way the succes- 
sive states of the ASM, and give the output in due time when it is defined. 



r o 0-i 



r p o-i 
r^on 



r o 0-i 
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Proof. Use Theorem 12.181 to normalize the program P. We stick to the no- 
tations of that Theorem. Since there is no dynamic function, only dynamic 
constants, the ASM terms Cj and Ijj name the result of applying to the 
dynamic constants a composition of the static functions (including static 
constants). Thus, one can associate good F-terms Pi,(pi,j to these composi- 
tions. 

Observe that one can decide if the program halts or fails or clashes via some 
composition of functions in F (use the static equality function which has been 
assumed, cf. Definition 12. 14p . So enter negative answers to these decisions in 
the existing conditions C\, . . . , C n . Also, add three more conditions to deal 
with the positive answers to these decisions. These three last conditions are 
associated to terms 71,72,73- Finally, apply Lemma 1431 (with p = n and 
q = 3). □ 

Remark 5.3. A simple count in the proof of Lemma [4.51 allows to bound Kq 
as follows: K = 0((size of P) 2 ). 

5.4 Main Theorem for All ASMs 

Let ip be a dynamic symbol. Its initial interpretation ips is given by a com- 
position of the static objects (cf. Definition 12. 5ft hence it is available in each 
successor state of the initial state. In subsequent states St, its interpretation 
ips t i s different but remains almost equal to ips : the two differ only on 
finitely many tuples. This is so because, at each step, any dynamic symbol is 
modified on at most N tuples where N depends on the program. Let Aijj be 
a list of all tuples on which tps has been modified. What can be done with 
ip can also be done with ips an d Aip. Since ips is available in each successor 
state of the initial state, we are going to encode Aip St rather than ip St . Now, 
Aip s t is a list an d we need to access in constant time any element of the list. 
And we also need to manage the growth of the list. 

This is not possible in constant time with the usual encodings of datatypes 
in Lambda calculus. So the solution is to make Af bigger: put new constant 
symbols to represent lists and allow new F-reduction axioms to get in one 
step the needed information on lists. 

Now, is this fair? We think it is as regards simulation of ASMs. In ASM 
theory, one application of the program is done in one unit of time though it 
involves a lot of things to do. In particular, one can get in one unit of time 
all needed information about the values of static or dynamic functions on 
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the tuples named by the ASM program. What we propose to do with the 
increase of A F is just to get more power, as ASMs do on their side. 

Definition 5.4. Let Ai, . . . ,A n be the datatypes involved in functions o/F. 
If e = (zi, . . . ,i m ,i) is an (m + l)-tuple of elements in {1, . . . ,n}, we let L £ 
be the datatype of finite sequences of {m + l)-tuples in A ix x ■ • • x A im x Aj. 
Let E be a family of tuples of elements of {1, ... ,n}. The Lambda calculus 
Ap is obtained by adding to Af families of symbols 

(F £ ,B £ ,V £ ,Add £ ,Del £ ) £&E 

and the axioms associated to the following intuitions. For e = (ii, . . . , i m , i), 

i. Symbol F £ is to represent the function L £ — > Bool such that, for a G L £ , 
F £ (a) is True if and only if a is functional in its first m components. In 
other words, F £ checks if any two distinct sequences in a always differ 
on their first m components. 

ii. Symbol B £ is to represent the function L £ x (A ix x • • • x A im ) — > Bool 
such that, for o~ G L £ and a G A^ x ■ ■ • x Ai m , B £ (o~, a) is True if and 
only if a is a prefix of some (m + l)-tuple in the finite sequence a. 

Hi. Symbol V £ is to represent the function L £ x (A^ x • • • x A im ) — > Ai such 
that, for a G L £ and a G A^ x • • • x Ai m , 

- V £ (a, a) is defined if and only if F £ (o~) = True and B £ (a, a) = True, 

- when defined, V £ (a, a) is the last component of the unique (m+l)-tuple 
in the finite sequence o which extends the m-tuple a. 

iv. Symbol Add £ is to represent the function L £ x (A ix x • ■ ■ x A im x Ai) — > L £ 
such that, for o G L £ and a G Ai l x • • • x Ai m x Ai, Add £ (o~, a) is obtained 
by adding the tuple a as last element in the finite sequence a. 

v. Symbol Del £ is to represent the function L £ x (A^ x • ■ ■ x A im x Ai) — )■ L £ 
such that, for o G L £ and a G A ix x • • ■ x A im x Ai, Del £ (a, a) is obtained 
by deleting all occurrences of the tuple a in the finite sequence a. 

Now, we can extend Theorem 15.21 

Theorem 5.5. Let (C, P, (£, J)) be an ASM with base sets lAx, . . . ,U n . Let 
A\,. . . , A n be the datatypes A± ,. . . , A^ (cf. Proposition \5.1\) . Let F be 
the family of interpretations of all static symbols of the ASM restricted to 
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the datatypes A\,. . . , A n . Let rjx, . . . , % be the dynamic symbols of the ASM. 
Suppose rji has type U T ^\) x • • • x U T ^ tPi ) — > U qi for i = 1, . . . , k. 
Set E = {(r(i, 1), . . . , r(i,Pi), ft) | i = 1, . . . , k}. 

The conclusion of Theorem \5.2\ is still valid in the Lambda calculus A§ with 
the following modification: 

e\ is the list ofpi + 1-tuples describing the differences between the 
interpretations of (?7i) 5() and (f]i) St - 
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